Cyber Attacks, Threats, and Vulnerabilities
Who are the Shadow Brokers? Signs point to an intelligence insider (SearchSecurity) A Black Hat 2017 session presented by security researcher Matt Suiche looked at the Shadow Brokers and who they might be.
Shadow Brokers post new message as US hunts for disgruntled ex-NSA agent in cyberweapons leak (International Business Times UK) US investigators are reportedly focused on identifying a former insider who may be linked to the hacker group.
North Korea Targeting Poker Sites For Nuclear Cash, South Korea Says (Cardschat) South Korea's Financial Security Institute has linked North Korea to high-profile hacking groups they say have attacked online poker and gambling sites.
Is North Korea Hacking Satellite Agencies, Laboratories in India? (Sputnik) A cyber threat report published earlier this week indicates that North Korea could be attempting to hack into the systems of sensitive agencies in India and several other countries.
An Isolated North Korea Turns to Cyber Coercion and Cyber Chaos (The Cipher Brief) As North Korea’s nuclear and ballistic missile programs ruffle the feathers in the United States and regional players in East Asia, there is another, less visible, confrontation occurring in the depths of computer systems around the world.
Power firms alerted on hack attack scenarios (BBC News) Specific warnings about code used in potential attacks are sent to regulators, say security experts.
Industroyer malware a turning point for ICS security (SearchSecurity) Security researchers at Black Hat 2017 tackle the Industroyer malware and the threats to energy grids and ICS security.
Researcher: Metadata the ‘most potent weapon’ against critical infrastructure security (Federal Times) One researcher is warning leaders in government and industry of an old threat that, fueled by recent legislation and commercial practices, is quickly surpassing zero days and APTs as perhaps the greatest risk to critical infrastructure security.
How to protect the power grid from low-budget cyberattacks (Help Net Security) Vulnerabilities combined with publicly available information can provide enough guidance to execute low-budget power grid cyberattacks.
Flaws in web-connected, radiation-monitoring kit? What could go wrong? (Register) Ripe target for ne'er-do-wells...
Decrypting the Motivations Behind NotPetya/ExPetr/GoldenEye (Dark Reading) Experts discuss the methods and targets involved in this week's massive malware outbreak to figure out what motivated attackers.
North Korea hackers 'want cash not secrets' (BBC News) Banks in South Korea and elsewhere are being targeted for foreign currency, a report says.
With Fake News And Femmes Fatales, Iran's Spies Learn To Love Facebook (Forbes) Before she disappeared from Facebook, Mia Ash was a fun-loving, young photographer who used the world's biggest social network to showcase her work. Ash was popular too. Stretching back to April 2016, she'd befriended a lot of individuals, as many as 500, with similar interests. Her looks almost certainly helped her apparent popularity.
Could ISIS’s next caliphate be in cyberspace? (TheHill) OPINION | Left without physical territory, ISIS could easily move its caliphate into cyberspace.
The Myth of ISIS's Strategic Brilliance (Defense One) The group has adapted to battlefield setbacks. But that doesn't mean it factored territorial losses into its master plan.
Chinese researchers hack into Model X, take control of brakes (Roadshow) Software update 8.1 already patched the holes, so don't worry too much.
Wannacry Inspires Worm-like Module in Trickbot (Dark Reading) The malware is being primarily distributed via email spam in the form of spoofed invoices from an international financial services com, says Flashpoint.
Triada Trojan Found in Firmware of Low-Cost Android Smartphones (BleepingComputer) Security researchers have found malware inside the firmware of several low-cost Android smartphones, such as Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.
UK money transfer service 'leaks private data and passport scans' of 11,000 customers (International Business Times UK) The leak was blamed on an unprotected Amazon Web Services (AWS) cloud server.
Swedish ministers resign amid data security breach scandal (POLITICO) Citizens’ sensitive personal information may have been leaked.
Merck says cyber attack halted production, will hurt profits (Reuters) Drug and vaccine maker Merck & Co Inc (MRK.N) said it suffered a worldwide disruption of its operations when it was the victim of an international cyber attack in June, halting production of its drugs, which will hurt its profits for the rest of the year.
SMBLoris - the new SMB flaw (SANS Internet Storm Center) While studying the infamous EternalBlue exploit about 2 months ago, researchers Sean Dillon (zerosum0x0) and Zach Harding (Aleph-Naught-) found a new flaw in the Server Message Block (SMB) protocol that could allow an adversary to interrupt the service by depleting the memory and CPU resources of the targeted machine in a Denial of Service (DoS) attack.
The $10 Hardware Hack That Wrecks IoT Security (WIRED) Using an SD card reader and some soldering savvy, these hackers rooted out a ton of IoT zero days.
Hackers Show Proofs of Concept to Beat Hardware-Based 2FA (Motherboard) DEF CON hackers show how YubiKeys and RSA tokens can be spoofed and circumvented.
How one small hack turned a secure ATM into a cash-spitting monster (TechRepublic) At BlackHat 2017, security researchers demonstrated how a small flaw in an ATM allowed them to empty all the cash out.
IRS warns about spear phishing (Jackson Sun) Spear phishing is not a sport. It’s a scam and the IRS has issued an alert to tax professionals to be wary of it. Their clients may be the ultimate victims....
How Hackers Can Use 'Evil Bubbles' to Destroy Industrial Pumps (WIRED) One demonstration at the Black Hat conference shows how insidious physical infrastructure hacking could be.
Hackers scour voting machines for election bugs (Reuters) Hackers attending this weekend's Def Con hacking convention in Las Vegas were invited to break into voting machines and voter databases in a bid to uncover vulnerabilities that could be exploited to sway election results.
DEF CON Rocks the Vote with Live Machine Hacking (Dark Reading) Jeff Moss, founder of the hacker conference, is planning to host a full-blown election and voting system for hacking in 2018 at DEF CON, complete with a simulated presidential race.
An insider sifts through 108,000 client files. What can go wrong? (CSO Online) Bupa Global responds after an employee in its international health insurance division was caught copying and removing information from client files.
Security Patches, Mitigations, and Software Updates
Microsoft refuses to fix 20-year-old SMB zero-day (IT Wire) A 20-year-old flaw in the server message block protocol used in Windows has been uncovered by two researchers who presented the details of their findings...
Symantec distrust to begin in Chrome from April 2018 (ZDNet) Google's browser will start the process of removing trust from old Symantec TLS certificates in Chrome 66.
Google Outlines SSL Apocalypse for Symantec Certificates (BleepingComputer) Google will distrust all existing Symantec SSL certificates starting with October 2018, and Symantec will have to rebuild its entire certificate issuance infrastructure from scratch if it wants to remain in the CA (Certificate Authority) business.
The Death Of Adobe Flash Is Long Overdue (Forbes) The world can breathe a collective sigh of relief. Adobe announced this week that it will officially end development of the Adobe Flash Player at the end of 2020. To be honest, though, the end of 2020 is still a long way off, and the death of Flash is actually long overdue.
Adobe Flash Player Is Dying: Should You Still Install It? (Blorge) A few days ago, we talked about Adobe pulling the plug on Flash Player in 2020. This didn’t really come as a surprise since everyone knew that the web client was on its way to retirement — the only question was when. However, the announcement of Flash Player’s retirement date has left people with a lot …
Cyber Trends
A Fake Cyber Stat Lives On in Congress (Nextgov) Some numbers are too convincing to go away.
Ombudsman says SMBs are a growing target for cybercrime in Australia (ZDNet) As the threat escalates, Australian Small Business and Family Enterprise Ombudsman has said knowledge of where small-to-medium businesses should turn in the event of a cyber attack is also unclear.
2017 cybersecurity trends at the Black Hat conference (SearchNetworking) Bloggers explore 2017 cybersecurity trends in anticipation of this year's Black Hat conference, Movidius AI offering and Mist's new take on WLAN.
At Black Hat Conference, good guy hackers have a bleak view of US cybersecurity (CNBC) Sixty percent of Black Hat conference experts believe a successful cyberattack on US infrastructure will occur in the next two years.
Verticals Vary Widely When it Comes to Prioritizing Cyber (Infosecurity Magazine) About 60% of finance/insurance execs consider cybersecurity a very high priority, vs 15% in hospitality and food.
When Snowden mattered (TechCrunch) Four years ago, the deep state was the enemy. Edward Snowden had just revealed its machinations. The head of the NSA was angrily catcalled during his Black..
Marketplace
Trillium Announces Acquisition of CanBusHack Inc. (ACN Newswire) Trillium Inc, a leading automotive cybersecurity solutions provider, today announced its acquisition of the assets of cybersecurity consulting firm CanBusHack, Inc.
Demand for automotive cybersecurity pros outpaces supply (TheHill) As the need for automotive cybersecurity researchers grows, the supply is not keeping up with demand.
Apple Removes Apps From China Store That Help Internet Users Evade Censorship (New York Times) The world’s most valuable company appears to have pulled down the apps amid China’s deepening crackdown on tools that evade internet controls.
Wannacry revealed as the 'biggest driver' for cyber insurance (Information Age) CFC Underwriting saw a 44% increase in cyber insurance enquiries during the month following the WannaCry cyber attack
Jeff Sessions made investors want to throw money at dark web intelligence firms (Cyberscoop) When U.S. Attorney General Jeff Sessions stepped in front of cameras and told the world about the international law enforcement operation that resulted in the bust of at least two multimillion-dollar dark web markets, investors’ ears perked up.
Asia turns to Israel's tech warriors for cyberprotection (Nikkei Asian Review) Veterans of IDF's elite Unit 8200 bring expertise to the private sector
IBM, Dell, McAfee Among Leading Vendors in Threat Intelligence (Channel Partners) The major forces driving the threat intelligence market are the increasing threat of data breaches due to insider attacks, fast-paced adoption of threat intelligence offerings among SMEs, and increasing adoption of crowd-sourced threat intelligence platforms.
This is the Dell security team. We have you surrounded. Come out with a purchase order (Register) RSA/VMware/Dell pincer movement to sell all the cybers
Would Raytheon consider a Forcepoint IPO? (Washington Technology) Raytheon's CEO tamps down investor inquiry over whether defense contractor would consider taking its Forcepoint cyber product joint venture to the public stock exchanges.
Why FireEye Inc (FEYE) Stockholders Have More Reasons to Feel Secure (InvestorPlace) FireEye holds a solid position in the cybersecurity market, and FEYE stock is poised for significant gains over the rest of this year.
Steep Market Competition Possibly Pushed Kaspersky to Offer Free Software (Sputnik) Russian cybersecurity firm Kaspersky Lab’s offer of a free version of the antivirus software may be a result of increased competition on the global antimalware market.
Commentary: Atlanta Can Become a Global Cybersecurity Capital (Global Atlanta) Editor’s note: The below is a commentary article written by Justin Daniels, the attorney leading Baker Donelson’s cybersecurity incubator in Atlanta
ViewQwest opens cyber security centre (The Straits Times) Local firm ViewQwest has set up its first security operations centre (SOC) here as it jostles for a share of the lucrative cyber security market.
EY Opens Advanced Cybersecurity Center in Dallas to Help Clients Stay Ahead of Emerging Threats (PRNewswire) EY announced today that it will soon open an advanced, multi-million-dollar...
SAIC sector president Wagoner to leave company (Washington Technology) Science Applications International Corp. Sector President Doug Wagoner has resigned from the government services contractor, effective Sept. 1.
Products, Services, and Solutions
Inky Phish Fence Demo (Inky) Inky Phish Fence provides unique content-based protection against email-based phishing attacks, including zero-day exploits like typo domains and other brand forgeries.
CyberRisk partners with KnowBe4 (CSO) CyberRisk is one of Australia's leading information security, technology risk management and privacy consulting firms. Today CyberRisk announced that it is bringing the world's most popular integrated platform for Security Awareness Training and simulated phishing attacks to Australia.
AWS Web Application Firewall: Bolt-on Security for Insecure Websites (InfoQ) AWS Web Application Firewall inspects traffic coming into your web application, looking for suspicious activity. It can pass good requests onto your application and block requests that match common attack vectors - like SQL injection. WAF can add a layer of security onto an existing application without changing the app.
Hueya Finds Users Should Not Delete Facebook Accounts (Sys-Con Media) Today Hueya, the leader in online security tools for families, announces users are safer online when they own their digital identity and secure it with Hueya's suite of online security tools, rather than deleting or deactivating accounts such as Facebook.
Kaspersky releases Internet Security 18 for Mac (BetaNews) Do you need security software for your Mac? Whenever we’ve installed any security suite on our Macs they seriously reduce the effectiveness of our computer with almost the minimum advantage.
Technologies, Techniques, and Standards
Independent labs will test the security of medical devices (Help Net Security) The Medical Device Innovation, Safety and Security Consortium launched the first of many specialized labs for security testing medical devices.
Cloud Security Alliance Announces Upcoming Launch of CCSK v4 (IoT Evolution) The Cloud Security Alliance (CSA), an organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, recently announced at the Black Hat security conference in Las Vegas that its Certificate of Cloud Security Knowledge (CCSK) has been significantly updated to reflect changes in the cloud and security landscape and will be available in November of this year.
Is Cloud Security a Safe Bet for Highly Sensitive Government Data? (Security Intelligence) Given the sensitivity of data and the rising volume of cyberattacks across the globe, government agencies have deep concerns about cloud security.
Azure security boss tells sysadmins to harden up and properly harden Windows Server (Register) You're leaving stuff ON that deserves to be OFF
Security pros at hacker conference: Be more boring (TheHill) Cyber threats have never been more complicated. But, argue professionals at the most prominent research event in the hacker calendar, there has never been a better time to be more boring about security.
Army Cyber Education Enlists Field Operations (SIGNAL Magazine) Electronic warfare joins the digital realm in a confluence of activities to adjust to evolving threats.
Container security: The seven biggest mistakes companies are making (Help Net Security) As enterprises increase adoption of containers, they also risk increasing the number of mistakes they make with the technology. Given that many companies a
‘Companies can hide data breaches but ransomware can’t be hidden’ (Silicon Republic) Tarah Wheeler, website security czar at Symantec, spoke at Inspirefest 2017 about recent ransomware attacks and the future of cybersecurity.
Mitigate Ransomware Through Industry Best Practices (BOSS Magazine) Untangle’s CTO provides insight into how to mitigate ransomware threats--and it's easier than you might think.
Facebook joins heavy hitters to fund group standing up to post-truth (Naked Security) Facebook is joining executives from Google as well as former head of the NSA and Hillary Clinton, among others, to support the body that looks like a version 2.0 upgrade to fact-checking
Reality check: one zero-day doesn't equal an attack (Information Age) Vulnerabilities are everywhere, and although they can’t be totally evaded, they can be countered effectively
Security Think Tank: Employees are in the cyber attack firing line, so educate them well (ComputerWeekly) What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?
What's the difference between cyber and IT? (C4ISRNET) The delineation between “cyber” and “IT” is generally thought to be operations within a maneuver space vs. the infrastructure that enables that to happen, respectively.
Going on holiday? Here are our tips for a security-minded trip (Naked Security) From taking care with hotel WiFi to keeping your cellphone safe, we’ve got some advice as you head off on holiday
What is cryptocurrency? (The Telegraph) Cryptocurrency is a form of digital money that is designed to be secure and, in many cases, anonymous.
Patrick Byrne: Why Cryptocurrency Matters (ValueWalk) This week we talk with Patrick Byrne, CEO of Overstock.com, and rare courageous voice within corporate America raising concern that powerful interests on Wall Street are destroying US companies for profit, robbing investors and destabilizing our financial system in the …
Stanford Cryptography Professor Releases Free Cryptocurrency Lecture (Cointelegraph) For those who are particularly interested in delving a bit more into cryptocurrency, a Stanford University cryptography PhD professor has recently released his lecture material for free.
Design and Innovation
Creating a Common Language Of Cybersecurity (SIGNAL Magazine) The ODNI is developing a set of common definitions to unify descriptions of cyberthreats used by different elements of the intelligence community.
Why Zuckerberg and Musk Are Fighting About the Robot Future (The Atlantic) It looks like the two tech titans are arguing about AI’s impact on humanity. Really they’re protecting their personal brands.
Security operations is broken, and AI can fix it (TechTarget) Every day, it seems, we read headlines about a new data breach or cyberattack. Then we talk about how to improve cybersecurity to prevent similar attacks from happening in the future. Chief among the issues to address is a lack of security personnel to fill vacant positions: How can we improve security if we don’t have the people to perform the work?
For 20 Years, This Man Has Survived Entirely by Hacking Online Games (Motherboard) A hacker says he turned finding and exploiting flaws in popular MMO video games into a lucrative, full-time, job.
No wonder cybersecurity is so bad: There's no way to measure it (Cyberscoop) No one has ever tested out how effective cybersecurity measures used to harden operating systems and other computer software actually are.
Research and Development
Software brittleness may harden embedded systems (GCN) Brittleness causes programs to fail fast when under attack, which allows systems to quickly detect and disrupt cyberattacks and revert to known-good states.
Cyber-risk analysis, time are keys to infosec says game theory (SearchSecurity) Cyber-risk analysis, understanding the enterprise network and designing security to waste attacker time may be keys to cybersecurity, according to game theory.
Darpa Wants to Build a BS Detector for Science (WIRED) The Pentagon's blue-sky division asks for help in figuring out what research to believe
Who's the better ferret? Despite all our computing power, some of the world's greatest ciphers remain unsolved (Deutsche Welle) We use ciphers to keep secrets secret. To crack ciphers, you need math, psychology and a slab of luck. It's not easy. Many great ciphers remain unsolved, as cryptologist Craig P. Bauer tells DW's Zulfikar Abbany.
200 Terabyte Proof Demonstrates the Potential of Brute-Force Math (Motherboard) Automated verification finds renewed potential for making algorithms safe.
Academia
UNO uses NSA grant to teach about cyber security (WDSU) Educators to take notes back to classrooms
The US Army is teaching kids how to hack at DEF CON (DOTHANFIRST) At DEF CON, anyone can learn to hack -- toddlers included.
DMU students benefit from new cyber security expert on board (DeMontfort University) Learning from one of the country’s top cyber security experts and a De Montfort University Leicester (DMU) alumnus, is preparing students for a fast-paced industry.
Legislation, Policy, and Regulation
Human rights organisations declare EU-US privacy shield invalid (SC Media UK) US surveillance practices render EU-US Privacy Shield ineffective according to a recent letter from Amnesty International and Human Rights Watch.
Cybercrimes Bill makes cyberspace less secure (GroundUp) It also has a sinister provision that will make it easier for State Security to undermine privacy and freedom
New U.S. Cyber-Security Legislation May Help Reassert Fourth Amendment (eWEEK) NEWS ANALYSIS: Three pieces of federal legislation, one in the Senate and two in the House of Representatives could change the way the government regulates cyber-security and data privacy if approved.
Warner wants election-hacking to lead to cyber response (CNN) Sen. Mark Warner wants to add election-hacking to a proposed US policy outlining when and how the US should respond to cyber attacks.
Cyber Peace Treaty or the Peace of the Hegemon? (NewsClick) U.S. officials claim publicly that Cyber Command is primarily defensive, but the reluctance to entertain the idea of a cyberspace disarmament treaty is raising questions about the true U.S. position.
Here's how the Air Force is fighting in the cyber domain (C4ISRNET) This is part four of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.
DHS cyber shakeup faces new hurdles (TheHill) Lawmakers have been pushing to reorganize DHS's cyber team.
Dear Floyd Mayweather, you’re why the SEC exists (TechCrunch) Dear Floyd Mayweather: While perusing Facebook, I chanced across your post drumming up interest in the upcoming Stox initial coin offering (ICO). I..
Litigation, Investigation, and Law Enforcement
Australian Police Prevent a Terrorist Attack (The Atlantic) Authorities arrested four men Sunday who they say were planning to bring down an airplane.
Homeland Security says it is 'closely following' Australia terror plot (TheHill) The Department of Homeland Security said Sunday it is closely monitoring the foiled Australia terrorist plot in which extremists planned an attack targeting an airplane.
Temple Mount crisis underscores challenge for intelligence agencies (Haaretz) The evolution of the Temple Mount crisis has exposed Israeli officials’ shortsightedness.
Exclusive: Congress asks U.S. agencies for Kaspersky Lab cyber documents (Reuters) A U.S. congressional panel this week asked 22 government agencies to share documents on Moscow-based cyber firm Kaspersky Lab, saying its products could be used to carry out "nefarious activities against the United States," according to letters seen by Reuters.
Were the Russians Playing Both Sides? (The American Interest) Was the goal sanctions relief? Installing Trump? Just sowing chaos in our system? Or maybe all of the above?
Businessman Paints Terrifying And Complex Picture Of Putin's Russia (NPR) William Browder knows Vladimir Putin's Russia all too well.
Who Paid for the ‘Trump Dossier’? (Wall Street Journal) Democrats don’t want you to find out—and that ought to be a scandal of its own.
With Robert Mueller, FBI gets second chance to inspect ‘hacked’ DNC computers (The Washington Times) Robert Mueller’s appointment as special counsel of the Russia election interference probe presents an opportunity for the FBI to inspect the Democratic Party computers that U.S. intelligence concluded were penetrated by Kremlin-directed hackers, cybersecurity analysts say.
Intelligence chairman accuses Obama aides of hundreds of unmasking requests (TheHill) Intelligence Chairman Devin Nunes (R-Calif.), in a letter to Director of National Intelligence Dan Coats, said the requests were made without specific justifications on why the information was needed.
Debbie Wasserman Schultz and the Pakistani IT Scammers (National Review) There’s more than bank fraud going on here.
Online site backing defense of accused NSA leaker founded to promote “fearless journalism” (Augusta Chronicle) The founders of the online news publication that will help in the defense of a Fort Gordon contractor accused of leaking a classified document were among the first to report on the National Security Agency surveillance of citizens in other countries and at home in 2013, using thousands of documents leaked by a former NSA contractor, Edward Snowden.
Police crack seized phones of inauguration day protesters (Naked Security) The unencrypted devices have offered up a bonanza of data to police – what would your phone reveal about you?
When [s**tortion] suspect refused to unlock her iPhone, the FBI stepped in (Ars Technica) “We on some Bonnie Clyde [sh*t]I couldn’t have choose a Better partner crime lol.”
Kim Dotcom set to receive seized funds, “4 containers full of seized property” (Ars Technica) Megaupload founder adds he plans to move his family to Queenstown, New Zealand.
Man Believed To Be Notorious Russian Hacker Awaiting Extradition To U.S. (Fraud Report) From the early days of online stock scams to the increasingly sophisticated world of botnets, pseudonymous hacker Peter Severa spent nearly two decades at the forefront of Russian cybercrime.
'Big hunt' for Russian hackers, but no obvious election link (AP News) MOSCOW (AP) — Pyotr Levashov appeared to be just another comfortable member of Russia's rising middle-class — an IT entrepreneur with a taste for upmarket restaurants, Thai
Suspended Sentence for Mirai Botmaster Daniel Kaye (KrebsOnSecurity) Last month, KrebsOnSecurity identified U.K. citizen Daniel Kaye as the likely real-life identity behind a hacker responsible for clumsily wielding a powerful botnet built on Mirai, a malware strain that enslaves poorly secured Internet of Things (IoT) devices for use in large-scale online attacks. Today, a German court issued a suspended sentence for Kaye, who now faces cybercrime charges in the United Kingdom.